{"id":1072,"date":"2024-11-01T09:16:00","date_gmt":"2024-11-01T01:16:00","guid":{"rendered":"http:\/\/localhost:8081\/Moonsshieldhk\/wordpress\/?p=1072"},"modified":"2024-12-18T15:37:49","modified_gmt":"2024-12-18T07:37:49","slug":"greynoise-credits-ai-for-spotting-exploit-attempts-on-iot-livestream-cams-2","status":"publish","type":"post","link":"https:\/\/moonsshieldhk.com\/index.php\/en\/2024\/11\/01\/greynoise-credits-ai-for-spotting-exploit-attempts-on-iot-livestream-cams-2\/","title":{"rendered":"GreyNoise Credits AI for Spotting Exploit Attempts on IoT Livestream Cams"},"content":{"rendered":"\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"797\" data-id=\"1073\" src=\"https:\/\/moonsshieldhk.com\/wp-content\/uploads\/2024\/12\/IIoT-industrial-2.jpg\" alt=\"\" class=\"wp-image-1073\"\/><\/figure>\n<\/figure>\n\n\n\n<p><strong>Cybersecurity firm GreyNoise Intelligence is crediting an AI-powered tool for capturing attempts to exploit critical vulnerabilities in live streaming IoT cameras widely deployed at healthcare, industrial operations and government facilities.&nbsp;<\/strong><\/p>\n\n\n\n<p>GreyNoise said it detected two distinct vulnerabilities \u2014 CVE-2024-8956 and CVE-2024-8957 \u2014 after an exploit attempt on its Sift automated threat-hunting honeypot system.&nbsp;<\/p>\n\n\n\n<p>\u201cAn attacker had developed and automated a zero-day vulnerability exploit, using a broad-spectrum reconnaissance and targeting strategy to run it across the internet,\u201d GreyNoise said in a&nbsp;security bulletin.<\/p>\n\n\n\n<p>The company said the exploit instead hit its global sensor network, where an internal AI technology flagged the unusual activity. \u201cUpon further investigation, GreyNoise researchers discovered the zero-day vulnerabilities. Once exploited, attackers could potentially seize complete control of the cameras, view and\/or manipulate video feeds, disable camera operations, and enlist the devices into a botnet to launch denial-of-service attacks.\u201d<\/p>\n\n\n\n<p>The most severe of the two vulnerabilities (CVE-2024-8956) carries a CVSS score of 9.1 out of 10 and allows an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data.&nbsp;<\/p>\n\n\n\n<p>The second bug is rated CVSS 7.2\/10 and can be chained with CVE-2024-8956 to execute arbitrary OS commands on the affected cameras, potentially allowing an attacker to seize full control of the system, GreyNoise said.<\/p>\n\n\n\n<p>The company warned that the vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers.&nbsp; Affected devices run VHD PTZ camera firmware versions below 6.3.40, used in devices from PTZOptics, Multicam Systems SAS, and SMTAV Corporation.<\/p>\n\n\n\n<p>GreyNoise noted that these cameras typically feature an embedded web server for direct browser access, and are commonly deployed in high-security environments like industrial sites, healthcare facilities, and government institutions.<\/p>\n\n\n\n<p>GreyNoise founder and chief architect Andrew Morris raved about the value of AI-powered technology to help flag this threat. \u201cThis isn\u2019t about the specific software or how many people use it \u2014 it\u2019s about how AI helped us catch a zero-day exploit we might have missed otherwise,\u201d Morris said.<\/p>\n\n\n\n<p>\u201cWe caught it before it could be widely exploited, reported it, and got it patched. The attacker put a lot of effort into developing and automating this exploit, and they hit our sensors. Today it\u2019s a camera, but tomorrow it could be a zero-day in critical enterprise software,\u201d he added.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity firm GreyNoise Intelligence is crediting  [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1067,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-1072","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category--en"],"_links":{"self":[{"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/posts\/1072","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/comments?post=1072"}],"version-history":[{"count":0,"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/posts\/1072\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/media\/1067"}],"wp:attachment":[{"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/media?parent=1072"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/categories?post=1072"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/moonsshieldhk.com\/index.php\/wp-json\/wp\/v2\/tags?post=1072"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}